Floodlight SDN Open Flow Controller v.1.2 has an issue that allows local hosts to build fake LLDP packets that allow specific clusters to be missed by Floodlight, which in turn leads to missed hosts inside and outside the cluster.
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Open_sdn_controller | Projectfloodlight | 1.2 (including) | 1.2 (including) |